Security Alert (A15-05-02): Multiple Vulnerabilities in Microsoft Products (May 2015)
13 May 2015
Microsoft has released 13 security bulletins listed below addressing multiple vulnerabilities which affect several Microsoft products or components:
MS15-043 Cumulative Security Update for Internet Explorer MS15-044 Vulnerabilities in Microsoft Font Drivers Could Allow Remote Code Execution MS15-045 Vulnerability in Windows Journal Could Allow Remote Code Execution MS15-046 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution MS15-047 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution MS15-048 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege MS15-049 Vulnerability in Silverlight Could Allow Elevation of Privilege MS15-050 Vulnerability in Service Control Manager Could Allow Elevation of Privilege MS15-051 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege MS15-052 Vulnerability in Windows Kernel Could Allow Security Feature Bypass MS15-053 Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass MS15-054 Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service MS15-055 Vulnerability in Schannel Could Allow Information Disclosure
Depending on the vulnerability exploited, a successful attack could lead to bypass of security restrictions, elevation of privilege, information disclosure, denial of service or arbitrary code execution.
Patches for affected products are available from the Microsoft Update website. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.
Microsoft Update http://update.microsoft.com/microsoftupdate